Service Announcement - 30 January 2024 Warning of another phishing attack

The university is currently being targeted by a highly professional phishing campaign aimed at stealing access data for university IDs and project accounts.

These phishing emails have various fake senders who pretend to be sent by Microsoft Teams. It is difficult to tell from the content that this is an attack. However, each email contains at least one link to a website that looks like a login page for an IT service.
We have blocked the domain addresses of the web servers within the university that we are currently aware of. However, this measure is only effective if you are in the university network.

Screenshots of the phishing mail

Please pay attention to the following points to protect your account:

  • When using login windows of university services, please make sure that the URL in the address line ends with .uni-heidelberg.de!
  • Please check the sender of the e-mail or the e-mail address carefully and do not click on any links/attachments from unknown persons outside the university.
  • Please delete suspicious mails immediately.
  • Please never enter your access data on suspicious login pages.
  • If you have already entered your own account data, please change your password as soon as possible or contact the URZ IT service immediately for support.